big prob

I recently had a virus called AyerHS/Yaha, I just got rid of it today using Stinger, but now a load of other files are missing, and files that are meant to load on startup aren't working either...

It could be that this "Stinger" program saw those files as infected and either wiped them out or "fixed" them which actuall ruined them..........another possibility is that this program didn't find every last bit of Yaha

Stinger said it only deleted the 3 files from the yaha virus, so it couldn't be that...

but this is really annoying, it won't let apache run...

A couple more options for you if you haven't already tried these is to use some other removal tool to make sure "Stinger" got evertyhing. I've never heard of nor used Stinger but that doesn't mean it doesn't work but it's always a good bet to try a couple of other methods. Another method that I would recommend is the removal tool from BitDefender. It's the removal tool for Win32.Yaha.(A-Q), I'm not sure if this removal tool and your "variant" of the virus are the same but it's worth giving it a shot. If that's doesn't work for you open regedit (start menu, run, type "regedit" without quotes, hit ok) and go to this location like you are using Windows Explorer...

HKEY_Classes_Root\exefile\shell\open\command

once you click the "command" key on the right pane you should see a "default" and a value of "%1" %*. If the value for "default" key says C:\Recycled\%%%%.exe %1 %* where %%%%= a random string then you are still infected. you need to replace it to read "%1" %* (as it is shown).

If neither the removal tool that I suggested or another of the ones you found do not work nor if the registry key is changed the only other option that I have in mind is to backup, reformat, reinstall. Or wait for someone to come along that is smater than me. (i'd go with wait for someone to come along that is smarter than me lol) I hope this helped a little bit....

Link to BitDefender removal tool.....

http://www.bitdefender.com/download...e=AntiYahaa.exe


Good luck!
Mike

regedit, windows explorer and bitdefender won't open

i found a way to make msn open, which is go on hotmail, so if anyone knows how to write a javascript file that wud open the file automatically for me, hopefully that'd work...

http://housecall.antivirus.com/start_corp.asp


it's a free online virus scanner....don't know if it has Removal capabilities for the virus, but good luck....

oh and try restarting your computer in safe mode.. and running bitdefender and regedit...ya never know

nvm, i fixed it

i'm curious as to how :-D if you don't mind

i used a tool called FixYaha

I have the ayerhs virus too. I used fixyaha but still my drive C is infected. I only saw one thing that the tool fixed. You guys know any other online virus checkers? Can you post the links. I dun like to try stinger... thanks in advance

fixyaha isn't an online tool

I know. I downloaded it. I need other tools; online or not. HELP!

a couple of questions for you antares.

1. Do you have windows ME or XP installed?...if yes read 2 if no, read 3.

2. If yes...did you disable system restore before running the FixYaha removal tool?

3. Did you run the FixYaha tool in safe mode (if running windows XP)?

for question two if you have the system restore function enabled then the virus would've been saved in there also. IT's also a good idea after finding out that you have been infected with a virus to disable system restore and then renable. The reason for this is so you can clear the stored files for system restore. Also, if this is the FixYaha removal tool from Symantec (Norton) they also tell you to run the tool in safe mode.

If it is not the FixYaha from Symantec then you can try it here..

http://securityresponse.symantec.co...ter/FixYaha.com

and read about it here...

http://securityresponse.symantec.co...moval.tool.html

That's the fixyaha i tried. I disabled system restore before running the tool as well. Is it an effect of the virus not being removed soon enough? I had it for over 3 months and only found a tool to remove it the other day

http://securityresponse.symantec.co....yaha.e@mm.html
that is a link to nortons fix tool for that virus, you really need a virus program that is up2date, that scans email
if you dont want to pay for one go to
http://www.grisoft.com/
download the avg free edition, it updates for freeif you system is still causing trouble, install the programs that do not work again, dont remove, if a program install offers a repair option try it, if windows it's self is causing trouble do the same, do not format, and you wont loose anything